ubuntu

Over the years I have had to harden a great number of LAMP boxes, I have found some methods work for better than others. I will now share with you all my favorite 10 along with methods to implement them on Debian/Ubuntu.

10. Lock SSH access right down. I do this by disabling root logins, disabling password authentication and using denyhosts.

To disable root logins do this: vi /etc/ssh/sshd_config and look for the following line: PermitRootLogin yes and change it thus: PermitRootLogin no

To disable password authentication (you will have to use public/private keys) do this: vi /etc/ssh/sshd_config and look for the following line: #PasswordAuthentication yes (note its commented out) and change it thus: PasswordAuthentication no

To install denyhosts do this: apt-get install denyhosts once installed it shouldn't need any configuration, but you can tweak the settings if you wish in /etc/denyhosts.conf

9. Always use Sudo for root access, This is one of the things Ubuntu does really well and its about time other distros did the same.

OK, this is so cool and sexy, I really don't understand how I didn't find about this earlier. Possibly because it's the recent add-on to the well known script utility?

So, I suppose you all know about script. You type script, do your work, type exit, and you have your complete session logged in the file named typescript. Quite handy if you want to log everything you did in the shell for whatever reasons.

What you might not know is that script has an interesting switch which allows you to also save the exact timing data of the screen output you're capturing. And an additional utility called scriptreplay which can later replay your session in real-time. Like a movie. With perfect timing.

The other day I was playing with fun Google Trends tool and got an idea to check Ubuntu versus Debian popularity. You can see the result on the picture below and I don't know about you, but it simply amazes me how popular Ubuntu is these days. And not only that, but its popularity is growing day by day, while it can be easily seen that Debian is either stagnating or slowly fading out.